7. Cryptography - Encryption

Seventh section in Complete Beginner learning path.

Introduction

Some common terms to know before continuing are:

  • Ciphertext : result of encrypting plaintext.

  • Cipher : method of encrypting or decrypting data. Modern ciphers are cryptographic, but not all ciphers are.

  • Plaintext : data before encryption, commonly text but can be a file or image.

  • Encryption : transforming plaintext to ciphertext using a cipher.

  • Encoding : not encryption but a form of data representation, like base64, that is immediately reversible.

  • Key : information needed to correctly decrypt ciphertext to plaintext.

  • Passphrase : like a password, used to protect a key.

  • Asymmetric encryption : different keys to encrypt and decrypt.

  • Symmetric encryption : same key to encrypt and decrypt.

  • Brute force : attacking cryptography by trying every password or key.

  • Cryptanalysis : attacking cryptography by finding flaws in the maths.

  • Alice and Bob : used to represent two people who want to communicate, used because it gives initials A and B.

Why is Encryption Important?

Cryptography is used to ensure integrity and authenticity and to protect confidentiality. When you connect to SSH, your client and server establish an encrypted tunnel so no one can snoop on your session. When you connect to a bank, a certificate using cryptography proves it is actually your bank.

Whenever sensitive data needs to be stored, it should be encrypted. Passwords are the exception: unless they are kept in some sort of password manager, they should never be encrypted and should always be stored in their hashed format.

Crucial Maths

The modulo operator is available in pretty much every programming language, either built in or via a library. For example, 25 % 5 is 0, as there is no remainder when dividing 25 by 5. 23 % 6 is 5, because 23 does not divide evenly by 6 and leaves a remainder of 5. Modulo is not reversible: if you are given the equation X % 5 = 4, there are infinitely many values of X that would be valid.

Types of Encryption

The two main types of encryption are asymmetric and symmetric.

Symmetric encryption uses the same key to encrypt and decrypt. Examples of symmetric encryption are DES (broken) and AES. These algorithms are faster than asymmetric encryption and use smaller keys.

Asymmetric encryption uses a pair of keys, one to encrypt and one to decrypt. Examples of this are RSA and Elliptic Curve Cryptography. These keys are typically referred to as public and private.

RSA (Rivest Shamir Adleman)

RSA is based on the mathematically difficult problem of working out the factors of a large number. It is quick to multiply two prime numbers, like 17*23=391, but it is difficult to work out which two prime numbers multiply to make 14351.

The key variables to know about in RSA (for CTFs) are p, q, m, n, e, d, and c.

"p" and "q" are large prime numbers and "n" is the product of them. The public key is "n" and "e" while "m" is used to represent the plaintext message and "c" represents the ciphertext.
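
The variables above, worked through in an added example that is not part of the original page. It uses the primes 17 and 23 from the text; the exponent e = 3, the message 42 and all function names are assumptions chosen for illustration, and the last two functions show why a small n gives no protection.

```python
# Added example: textbook RSA with the page's small primes. No padding is used,
# so this shows how the variables relate and must never protect real data.
from math import gcd


def make_keypair(p, q, e):
    """Return (n, e, d) for primes p and q; d is the private exponent."""
    n = p * q
    phi = (p - 1) * (q - 1)            # Euler's totient of n
    if gcd(e, phi) != 1:
        raise ValueError("e must share no factor with (p-1)*(q-1)")
    d = pow(e, -1, phi)                # modular inverse: (e * d) % phi == 1
    return n, e, d


def encrypt(m, n, e):
    if not 0 <= m < n:
        raise ValueError("plaintext m must be smaller than n")
    return pow(m, e, n)                # c = m^e mod n


def decrypt(c, n, d):
    return pow(c, d, n)                # m = c^d mod n


def factor(n):
    """Trial division, feasible only because n is tiny."""
    f = 2 if n % 2 == 0 else 3
    while n % f:
        f += 2
    return f, n // f


def private_exponent_from_public(n, e):
    """Anyone who can factor n can rebuild d from the public key alone."""
    p, q = factor(n)
    return make_keypair(p, q, e)[2]


if __name__ == "__main__":
    n, e, d = make_keypair(17, 23, 3)   # primes from the text; e is assumed
    c = encrypt(42, n, e)               # 42 is a constructed sample message
    print(f"n={n} e={e} d={d} c={c} m={decrypt(c, n, d)}")
    print("factors of 14351:", factor(14351))
    print("d rebuilt from (n, e):", private_exponent_from_public(n, e))
```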

Digital Signatures and Certificates

Digital signatures can prove who created or modified a file. Using asymmetric cryptography, a signature is produced with your private key and verified with your public key. Digital signatures and physical signatures have the same legal value in the UK.

Certificates are also used for public key cryptography, most commonly in HTTPS. Certificates prove a website is what it says it is. The chain of trust starts with a root CA (certificate authority). Root CAs are automatically trusted from install. Certificates below that are trusted because the root CA says they are, certificates below those are trusted because the organisation is trusted by the root, and so on.

SSH Authentication

SSH is authenticated with a username and password by default. However, it can be configured with key authentication instead, which uses public and private keys to prove the client is valid and authorised. If someone acquires your private key, they can use it to log in to servers that accept it (unless it's encrypted). The passphrase that decrypts the key must also never be something which can identify you to the server.

These keys are stored in the ~/.ssh directory by default. The authorized_keys file in this directory holds the public keys which can access the server. To use a private SSH key, its permissions must be set to 600 (only owner can read and write) or stricter. ssh -i key_name user@host is the default syntax for authenticating with an SSH key.
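
One way to check a private key file for the two protections described above, as an added example that is not part of the original page. It assumes the key is in the current OpenSSH private key format; the function names are hypothetical and the sample key body is constructed (header only, not a usable key).

```python
# Added example: audit a private key file for mode 600 or stricter and for
# passphrase encryption. Sample key text below is constructed, not a real key.
import base64
import os
import stat
import struct
import tempfile

MAGIC = b"openssh-key-v1\x00"      # header of the current OpenSSH key format


def mode_is_private(path):
    """True when group and others have no access (600 or stricter)."""
    return stat.S_IMODE(os.stat(path).st_mode) & 0o077 == 0


def has_passphrase(key_text):
    """Read the cipher name after the magic; 'none' means unencrypted."""
    body = "".join(l for l in key_text.splitlines() if not l.startswith("-----"))
    blob = base64.b64decode(body)
    if not blob.startswith(MAGIC):
        raise ValueError("not an openssh-key-v1 private key")
    start = len(MAGIC)
    (length,) = struct.unpack(">I", blob[start:start + 4])
    return blob[start + 4:start + 4 + length] != b"none"


def constructed_key(cipher):
    """Build a header-only sample carrying the given cipher name."""
    blob = MAGIC + struct.pack(">I", len(cipher)) + cipher
    b64 = base64.b64encode(blob).decode()
    return ("-----BEGIN OPENSSH PRIVATE KEY-----\n" + b64 +
            "\n-----END OPENSSH PRIVATE KEY-----\n")


def audit(path):
    with open(path) as fh:
        text = fh.read()
    return {"mode_ok": mode_is_private(path), "encrypted": has_passphrase(text)}


if __name__ == "__main__":
    with tempfile.NamedTemporaryFile("w", delete=False) as fh:
        fh.write(constructed_key(b"none"))
    os.chmod(fh.name, 0o644)
    print("mode 644:", audit(fh.name))
    os.chmod(fh.name, 0o600)
    print("mode 600:", audit(fh.name))
    os.remove(fh.name)
```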

Diffie Hellman Key Exchange

Alice and Bob want to talk securely with a common key so that they can use symmetric cryptography, but they don't want to exchange the key using asymmetric cryptography. This is where Diffie Hellman (DH) comes in.

Alice and Bob (A and B) each generate a secret, and they also have common public material called C. We make two assumptions: first, that once a secret and the material are combined they are impossible to separate; second, that the order of combination does not matter. Alice's and Bob's secrets are each combined with the public material, creating AC and BC. These are then sent to the other party and combined with that party's own secret to form two identical keys, ABC, which can now be used to communicate.
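
The A, B and C combination above, carried out with modular exponentiation in an added example that is not part of the original page. The prime 23, generator 5, the two secrets and the function names are assumptions picked to keep the numbers readable; the last function shows that the "impossible to separate" assumption fails when the public material is this small.

```python
# Added example: the A / B / C combination from the text, using modular
# exponentiation. P and G are toy values chosen so the numbers stay readable.
import hashlib

P, G = 23, 5                 # public material "C": a prime and a generator


def combine_with_public(secret):
    """AC or BC: the value each side sends over the open channel."""
    return pow(G, secret, P)


def combine_with_peer(own_secret, peer_value):
    """ABC: mix the received value with your own secret."""
    return pow(peer_value, own_secret, P)


def symmetric_key(abc):
    """Hash the shared number into 32 bytes usable as a symmetric key."""
    return hashlib.sha256(abc.to_bytes(2, "big")).digest()


def recover_secret(sent_value):
    """Eavesdropper's search: works only because P is tiny."""
    return next(x for x in range(1, P) if pow(G, x, P) == sent_value)


if __name__ == "__main__":
    a, b = 4, 3                          # constructed secrets for Alice and Bob
    ac, bc = combine_with_public(a), combine_with_public(b)
    alice_abc = combine_with_peer(a, bc)
    bob_abc = combine_with_peer(b, ac)
    print(f"AC={ac} BC={bc} ABC(Alice)={alice_abc} ABC(Bob)={bob_abc}")
    print("key:", symmetric_key(alice_abc).hex())
    print("secret found by search:", recover_secret(ac))
```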

PGP, GPG and AES

PGP (Pretty Good Privacy) is software which implements encryption for files, digital signing and more.

GPG is an open source implementation of PGP which may need to be used in CTFs to decrypt files. PGP/GPG can protect private keys with passphrases, as SSH does. If a key is passphrase protected, the passphrase can be cracked with John the Ripper and gpg2john.

AES (Advanced Encryption Standard) is a replacement for DES, which had short keys and cryptographic flaws.

Last updated 4 months ago

Some tools exist for defeating RSA CTF challenges, like RsaCtfTool and rsatool.